vulnerability

Debian: CVE-2019-18625: suricata -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Jan 6, 2020	Feb 3, 2020	Feb 10, 2020

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Jan 6, 2020

Added

Feb 3, 2020

Modified

Feb 10, 2020

Description

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST ACK and the FIN ACK packets because of the bad TCP Timestamp option. Both linux and windows client are ignoring the injected packets.

Solution

debian-upgrade-suricata

References

CVE-2019-18625
https://attackerkb.com/topics/CVE-2019-18625
DEBIAN-DLA-2087-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today